Wednesday, August 26, 2009

Note: This post comes from my friend "Mike". The previous post from thetheregister.co.uk on this threat was full of egregious errorand incorrectstatements regarding; "such as in countries still under ITAR* restrictions"

"* International Traffic in Arms Regulations - US restrictions on the export of cryptographic technology."

It should be noted that the majority of encryption regulations (and explicitly "commercial encryption", such as (GSM) are under the jurisdiction of the Dept. of Commerce, Export Administration Regulations. The encryption rules were transferred from Department of State (ITAR) to the Commerce Department (BIS) in 1996. The only remaining "encryption regulations" under the US Munitions List (USML) are specific to "military and space applications" (ie., part 121, Category XI, Category XIII, and Category XV). Thanks to "Mike" for setting the record straight! J.D.L.

neowin.netRecently at the Hacking at Random (HAR) conference, held in the Netherlands, Karsten Nohl detailed plans for cracking standard GSM cell phone encryption, known as A5/1, and will be making the results available for anyone to use. GSM stands for Global System for Mobile communications and is the most commonly used cell phone standard in the world, and is used in Europe, Africa, Asia, New Zealand, Australia, America and Canada.

The GSM flaw is massive and would affect not only businesses but individuals also as once the hack is complete it means anyone with a $500 radio card and a laptop will be able to listen in to GSM calls, making it easier for criminals to obtain personal data and making listening in on normal voice calls a real and everyday threat.More...

Prior to starting ComSec LLC in 2007, Mr. LeaSure was active within the counterespionage, counterterrorism and TSCM fields for 26 years. He has attained the prestigious CCISM, Certified Counterespionage Information Security Management Certification. He also has extensive training, knowledge and experience in the identification of eavesdropping devices, espionage detection methods and the intelligence collection tactics most often employed by perpetrators of electronic espionage.

J.D. LeaSure is also the Director of the Espionage Research Institute International (ERII). As Director, he is tasked with ensuring the organization is successful in its mission to provide continuing education, facilitate professional relationship building and ensure the counterespionage & counterintelligence skill sets of its membership remains current as espionage tactics and devices evolve.